package org.nmgyjt.springboot.utils;


import com.nimbusds.jose.*;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;

import net.minidev.json.JSONObject;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.nmgyjt.springboot.entity.admin.ServiceAccount;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

import javax.annotation.Resource;
import java.text.ParseException;
import java.util.Date;

@Component
public class NMGYJTIDAASTokenUtils {

    protected static final Logger log = LogManager.getLogger(NMGYJTIDAASTokenUtils.class);

    public static String getToken() throws ParseException, JOSEException {




        String audience = "contacts";
        String accountType = "serviceAccount";
        ServiceAccount serviceAccount = new ServiceAccount();
        //内蒙古应急厅-生产 serviceAccount
        serviceAccount.setClientId("cfb0fc6c-628e-416a-a13d-ff12faa661a8");

        JSONObject privateKeyMap = new JSONObject();
        privateKeyMap.put("d", "BjUjbygc51O2wZHjWXGSxLLx2WkVAmBECrkFFU3nu-7OIXNd4OGgPC-ZDDTzjRfq9LiCgs2Zho9Kts86ozSfSD6X3zQmx2xZkOTkKbhTd6gPW6JFLun3tbjA4-Uc4YsoN6dEd5MLIK1hrTAnouXI5ciAoLMEiCRLDtCB3Q5G8g0d_3hJwSurCPww2cgJMhHbxgpWH4gTGN9aOog2m-NNB3AiC725mXCwXe72CT2nZa2aCgNHXIUWXJ8hpRiSkRBdu717LhbjuXUKdIDRdm9rCnpXnein4n2RzekcOi54s7RFwozC7qDUQXDViw7h1-shPrILZZaEmNEcV04lYdi7wQ");

        privateKeyMap.put("p", "5JEaXjYZBcQUbeTPSAyIvrpjUPvFd0GoJSeSZiPd4lU7Lh4panxLAyFSqdzjAMhAsw_3A_bXhYabxCHvq4fkEWBhIB_OMZLVD2HWnJkKbCB7tRLj49-l9wG7T2FX1s57XVmcjzVWlz87VoFx6vJv5m8fiDyuSbczcZ1t2DJiAQ8");

        privateKeyMap.put("kty", "RSA");
        privateKeyMap.put("q", "kDG8afi67BxlWnFZFaILm9uhctjPYZIAmN-S0UYg3WdzyhhgwDGiwqiP_obHn8Z0m7k7t5UogDEPs4QUsMKXh0dwn64ZpWGLyak6wvQaWKWzE1Yp_8jCrrq208litilyP2QKwapfsMdfiKbPhoGaJHY5VMZGExXCUyPVoeLkSK0");

        privateKeyMap.put("e", "AQAB");
        privateKeyMap.put("use", "sig");
        privateKeyMap.put("kid", "0f2248c4-3676-4630-b8c0-d404c1e9d7c1");
        privateKeyMap.put("qi", "FChQvGYaFvvvqw1ArNM77lpY2jLT-6poL3YxRVDhUaBg3-uvWACWQYjFjkqAfLwtPY5c8d4AtAV4Y5Em7uRA-UITc1tBhnIUor1bR92uzl_SyxBTN154aj1cNAmApl-OcuSDeoIxFOBofd2JvXUVFGXPuSl4Z6el2g6Ty5JHjJ4");
        privateKeyMap.put("dp", "3DwkmBqwSaoBtVH_mIDbUkvuXp36S0rsZcCXg-uTZP6TI4DUj1JsRPva1umLoblS_jan4R371SE6_eVlNnad_1BKxdVfrMy6lzPCwumD7WPvTy6Af5WEKVl1zqsRJF2Y6P3rqOHQKbQ3zMa1qZko0XTJgVBW75ii7RqwON1zKWk");
        privateKeyMap.put("dq", "HfC11qs25N_gi68NeFh1YJ9yHo62QOQ4C4YgziNpn49jk4sMS9wCl7i4bXk-6gYjIFKN-8iU6ElHoVbDlRBStlw3HnDgEl72z6C7-s8EyXNeg51Yiyv8gJt0avVd8cUZW-BB-4SM6f_77jv0y1EN2JRTwy6ITl4uQ2Ulbr_V9uE");
        privateKeyMap.put("n", "gL4G1Ddq5C6CDF25oHrVFdmk-HXTj6hgzyeEuZlcLeWYUxQJauWErvlLfOvjpjHoZWJy-3jlw8r1egAeAohNhLBLAFNxDyjpF9rR3099FQZmswICsDb6JFTJ76K8fRYtmEMWlvfLKDk5PbfNsgTYG1VrrqJy-Eoki6FuoL2R2XLgt66y6eueACuC01AkK-kUlTendxvdcLK3DS0WC4bsrYwXosEKNOtTnHa_Ftdl2aUVEt1LaLcFNTLHtRpeXinWjs3F7S6hMLa20abrexFx-IXMUb6kZhihezlHFEOIm6cWfQw3OXRonWB11QJTiyAsGNBIkQs5GeX74JLsy-LvIw");

        serviceAccount.setPrivateKey(privateKeyMap);
        // service account属性
        String token = genToken(audience, accountType, serviceAccount);

        return token;

    }


    public static String genToken(String audience, String accountType, ServiceAccount serviceAccount) throws JOSEException, ParseException {
        JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.RS256)
                .type(JOSEObjectType.JWT)
                .keyID(serviceAccount.parseKeyId())
                .build();

        JWTClaimsSet claimsSet = new JWTClaimsSet.Builder()
                .issueTime(new Date(System.currentTimeMillis()))
                .expirationTime(new Date(System.currentTimeMillis() + 1000 * 60 * 10))
                .audience(audience)
                .issuer(serviceAccount.getClientId())
                .claim("account_type", accountType)
                .build();

        SignedJWT jwt = new SignedJWT(jwsHeader, claimsSet);

        RSAKey rsaKey = RSAKey.parse(serviceAccount.getPrivateKey());
        JWSSigner signer = new RSASSASigner(rsaKey, true);
        jwt.sign(signer);
        return jwt.serialize();
    }

}
